Vulnerability Management

Twitter announces launch of bug bounty program

Twitter recently announced its new bug bounty program, rewarding researchers that find security vulnerabilities in its web services and mobile apps.

The social media giant introduced the initiative via its Twitter Security account.

The new program will reward researchers a minimum of $140 for vulnerabilities reported through HackerOne, a third-party reporting platform, according to a blog post on Twitter's HackerOne page.

Thus far, only bugs found on its twitter.com service and iOS and Android apps are valid for the program. Additionally, qualifying vulnerabilities include those that allow for cross-site scripting, cross-site request forgery, remote code execution, unauthorized access to protected tweets and unauthorized access to direct messages.

There is currently no maximum reward and the amounts will vary depending on the severity of the vulnerabilities found. The social media giant will have the final say on the amount given out.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.